Adding the SCT into the final certificate as X509v3 Extension

[Javier Olmo Gil]

Hello.

I'm trying to create my certificates (as a CA). I retrieve correctly the timestamps from the log servers. The final step is adding that timestamp into a X509v3 certificate. Let's say I have retrieved two timestamps with a JSON structure similar with this:

[{"sct_version":0,"id":"blahblahblahblahblah=","timestamp":100000000000,"extensions":"","signature":"blahblah"},{"sct_version":0,"id":"dumdadidooodamdamdidudidaa","timestamp":100000000001,"extensions":"","signature":"blahblahdata=="}]

So then, I add it on the config file in openssl in order to generate a cert with that data in the OID "1.3.6.1.4.1.11129.2.4.2". The trouble is that i don't know in what format should I add it. Here's some examples I tried:
..............................................................................................................
google_sct=DER:A_LONG_CHAIN_IN_HEX_FORMAT
..............................................................................................................
..............................................................................................................
google_sct=ASN1:OCT:A_LONG_CHAIN_IN_HEX_FORMAT
..............................................................................................................
..............................................................................................................
google_sct=ASN1:OCT:s:463:"HERE_LIES_THE_JSON_RESPONSE_FROM_LOG_SERVERS"
..............................................................................................................

No matter what I try, the generated PEM file doesn't have the data encoded in a similar way that I have on a legal certificate with the SCT added as an extension that we use to compare the results.
 
I've faked the data but, the format I see on the OID for SCTs on the correctly generated certificate is similar to this: 
......X.
k....G..
:...).1.
Fs4J..D.
.s..SO..
...1S..B
.....TYE
Even I don't know what kind of format is this (I supose is a asn1 binary octet in an unknown (for me) representation). And on my examples, it seems it just add the data as the hex itself or it just adds the plain JSON structure.

The Certificate Transparency RFC tells us the way that info should be added:

Similarly, a certificate authority MAY submit a Precertificate to
   more than one log, and all obtained SCTs can be directly embedded in
   the final certificate, by encoding the SignedCertificateTimestampList
   structure as an ASN.1 OCTET STRING and inserting the resulting data
   in the TBSCertificate as an X.509v3 certificate extension (OID
   1.3.6.1.4.1.11129.2.4.2).

So... anyone knows what is the correct format to place in the config file to generate the data as desired in the correctly generated certificate that I'm using as example? Hope I have explained my trouble correctly, and I'm really sorry about my bad english.

Many thanks!

[Eran Messeri]

Hi Javier,

The SCTs are not very useful in JSON format (which is why we consider changing it in RFC6962-bis). You have to convert each one individually to be represented in TLS encoding, then collect them together into a SignedCertificateTimestampList (again, TLS encoded) which should then be wrapped in an ASN.1 OCTET STRING for embedding in the certificate.

See these posts:

https://groups.google.com/d/msg/certificate-transparency/KkidSfAfiEk/5bpgT9DQQC0J

https://groups.google.com/d/msg/certificate-transparency/_BMepQOw8dg/LInJqdH3hsMJ

Particularly, the ct tool can do this (see the configure_proof command).

[Javier Olmo Gil]

Hi Eran.

Many thanks for your reponse. Finally, with some struggle I managed to compile the project in order to access to ct in linux So I type:

ct configure_proof fileWithBinaryProof.proof myconfig.conf 

The examples I used are directly from the CT test folder.

• The binary proof file I used is in:certificate-transparency/test/testdata/test-cert.proof
  
• The Openssl conf I used is in: certificate-transparency/test/precert.conf
  

I used these examples just for testing purposes. Whenever I use this command I get this response. 

F0720 08:23:54.414362  3888 ct.cc:458] Check failed: !FLAGS_sct_token.empty() ./

I tried changing the order of the parameters like this:

ct configure_proof myconfig.conf fileWithBinaryProof.proof

but I get the same response.

I searched in google examples of using this command but seems there's no help or examples using this command

Still my trouble is that I don't know how to convert a .json file with the SCTs in a X503 extension (the chain I should put on openssl to create the final certificate)

At least I discovered in the code that the openssl tat that will be added, without the sct itself will be

=ASN1:FORMAT:HEX,OCTETSTRING:

but again there's no help on internet of some examples using this chain (never saw in any openssl conf file, I thought i would just pass a DER with the hexadecimal value of the SCT list serialized.

Sorry 'bout my english. 

Maybe someone have some example using this command? I can't find any relative info on internet,

Many thanks.

[Eran Messeri]

On Mon, Jul 20, 2015 at 7:32 AM, Javier Olmo Gil <cid...@gmail.com> wrote:

Hi Eran.

Many thanks for your reponse. Finally, with some struggle I managed to compile the project in order to access to ct in linux So I type:

ct configure_proof fileWithBinaryProof.proof myconfig.conf 

The examples I used are directly from the CT test folder.

• The binary proof file I used is in:certificate-transparency/test/testdata/test-cert.proof
  
• The Openssl conf I used is in: certificate-transparency/test/precert.conf
  

I used these examples just for testing purposes. Whenever I use this command I get this response. 

F0720 08:23:54.414362  3888 ct.cc:458] Check failed: !FLAGS_sct_token.empty() ./

I tried changing the order of the parameters like this:

ct configure_proof myconfig.conf fileWithBinaryProof.proof

The SCT should be specified with the --sct_token flag (i.e. --sct_token=fileWithBinaryProof.proof).

Note that the ct tool is limited in that it can only embed one SCT - you will need to write your own code to add multiple ones.

See the Python code for creating the SCTList that should be encoded as as ASN.1 OCTET STRING for embedding in the X.509 extension:

https://github.com/google/certificate-transparency/blob/master/python/utilities/submit_chain/submit_chain.py#L99

 

--

You received this message because you are subscribed to the Google Groups "certificate-transparency" group.
To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transp...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Bharat Krishna]

How was the final octet srting encoding achieved from the dummy JSON?

I am trying to do the same. With the tool ct-submit.py, I used my dummy json instead of it contacting actual log servers and got a .sct bin file. Also it prints base64 encoded string to console. From here, how do I embed the SCT in a X509v3 Certificate Extension? 

To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transparency+unsub...@googlegroups.com.

[Eran Messeri]

https://github.com/google/certificate-transparency/blob/master/python/utilities/submit_chain/submit_chain.py#L97 demonstrates encoding the data in a way that's needed to be stored in an X509v3 extension.

You can then use openssl to generate a certificate containing the SCTList.

--

To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transparency+unsubscr...@googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

[by li]

Hi Eran.

   now i have the SCTList, i want to know how can i use openssl to generate a certificate containing the SCTList. Thank you very much.

在 2017年5月3日星期三 UTC+8下午10:22:44，Eran Messeri写道：

--

To unsubscribe from this group and stop receiving emails from it, send an email to certificate-transparency+unsub...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[K T]

Once you have SCTList's ASN.1 OCTET STRING, I believe you can include it in the OpenSSL config file under an extension with the Embedded SCT List OID, but I may be wrong on that.